notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)Want a good monitor light? See my photosAll times are UTC		 Ukraine
This referral link gives you 10% off a Fastmail.com account and gives me a discount on my Fastmail account.

Get notified when packages are built

A new feature has been added. FreshPorts already tracks package built by the FreeBSD project. This information is displayed on each port page. You can now get an email when FreshPorts notices a new package is available for something on one of your watch lists. However, you must opt into that. Click on Report Subscriptions on the right, and New Package Notification box, and click on Update.

Finally, under Watch Lists, click on ABI Package Subscriptions to select your ABI (e.g. FreeBSD:14:amd64) & package set (latest/quarterly) combination for a given watch list. This is what FreshPorts will look for.

non port: security/zeek/files/patch-auxil_highwayhash_highwayhash_os__specific.cc

Number of commits found: 2

Wednesday, 22 Sep 2021
22:15 Craig Leres (leres) search for other commits by this committer 
security/zeek: Update to 4.0.4

    https://github.com/zeek/zeek/releases/tag/v4.0.4

This release fixes two vulnerabilities:

 - Paths from log stream make it into system() unchecked, potentially
   leading to commands being run on the system unintentionally.
   This requires either bad scripting or a malicious package to be
   installed, and is considered low severity.

 - Fix potential unbounded state growth in the PIA analyzer when
   receiving a connection with either a large number of zero-length
   packets, or one which continues ack-ing unseen segments. It is
   possible to run Zeek out of memory in these instances and cause
   it to crash. Due to the possibility of this happening with packets
   received from the network, this is a potential DoS vulnerability.

Other fixes:

 - The highwayhash submodule was updated to fix a build failure on
   FreeBSD 14.

 - Packet sources that don't have a selectable file descriptor could
   potentially prevent the network time from ever updating, which
   would have adverse effects on the primary run loop such as
   preventing timers from executing.

 - Specific conditions in the run loop could lead RotationTimers
   to get into an infinite loop.

 - Specially crafted HTTP packets could avoid the HTTP analyzer.

 - Zeekctl crashes using the zeekctl status command if the
   StatusCmdShowAll option is set to 1 in zeekctl.cfg.

 - The ignore_checksum_nets option does not work correctly if
   configured with multiple subnets.

Reported by:	Tim Wojtulewicz
Security:	d4d21998-bdc4-4a09-9849-2898d9b41459
commit hash: b45eb65a92c227e19553d291f1855c203d472e0f commit hash: b45eb65a92c227e19553d291f1855c203d472e0f commit hash: b45eb65a92c227e19553d291f1855c203d472e0f commit hash: b45eb65a92c227e19553d291f1855c203d472e0f b45eb65
Monday, 12 Jul 2021
01:57 Craig Leres (leres) search for other commits by this committer 
security/zeek: Unbreak build under 14.0-CURRENT

According to the cpuset(2) man page, sys/param.h must be included
before sys/cpuset.h. This was fixed in zeek (in the highwayhash
submodule) in May of 2020 and undone in August of 2020. Add a patch
that matches the pull request I just created with upstream:

    https://github.com/zeek/highwayhash/pull/1

Thanks to @pluknet for diagnosing the build failure.

Reported by:	pkg-fallout
commit hash: 385875760f0749c31b4c596f4663485b7d68b464 commit hash: 385875760f0749c31b4c596f4663485b7d68b464 commit hash: 385875760f0749c31b4c596f4663485b7d68b464 commit hash: 385875760f0749c31b4c596f4663485b7d68b464 3858757

Number of commits found: 2
Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
Security Policy
Privacy
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
clamavApr 19
jenkinsApr 19
jenkins-ltsApr 19
electron27Apr 18
electron28Apr 18
electron29Apr 18
filezillaApr 16
php81Apr 16
php82Apr 16
php83Apr 16
puttyApr 16
putty-nogtkApr 16
go121Apr 15
go122Apr 15
chromiumApr 12

15 vulnerabilities affecting 281 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities

Last processed:
2024-04-19 20:48:44 UTC


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)

Calculated hourly:
Port count 32208
Broken 87
Deprecated 179
Ignore 219
Forbidden 2
Restricted 2
No CDROM 1
Vulnerable 39
Expired 5
Set to expire 153
Interactive 0
new 24 hours 2
new 48 hours4
new 7 days9
new fortnight43
new month179
Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD 		Valid HTML, CSS, and RSS. Copyright © 2000-2024 Dan Langille. All rights reserved.